First American, one of the largest insurance companies in the United States, has confirmed that the cyber incident in late December 2023 was indeed a ransomware attack.
As noted by Cybersecurity divethe company filed an updated Form 8-K with the Securities and Exchange Commission (SEC) on Friday, December 29, 2023.
In the filing, the insurance giant confirmed that it had suffered a ransomware attack and claimed to be working to address it.
American financial colossus
“While the incident remains under investigation, the company believes the perpetrator of the activity accessed certain corporate systems, exfiltrated data, and encrypted data on certain non-production systems,” First American said in the filing. “The company continues to assess whether the incident will have a material impact on the company's financial condition or results of operations, which cannot be determined at this time.”
The first reports appeared around December 20. At the time, First American reported “unauthorized activity” on some of its IT systems.
“Upon detection of the unauthorized activity, the company took steps in an effort to contain, assess and resolve the incident. On December 20, 2023, the company elected to isolate systems from the internet,” the filing further stated. “The company has retained leading experts, worked with law enforcement and notified certain regulatory authorities.”
Since then, First American believes it has successfully contained the attack and is now in the process of restoring access to its systems and resuming normal business operations.
First American Financial Corporation is an American financial services company that provides title insurance and settlement services to the real estate and mortgage industries. It was founded in 1889 and generated $7.6 billion in revenue last year. The head office is located in California and employs more than 21,000 employees.
This isn't the only time First American has suffered a cyberattack. About a month ago, it paid a $1 million fine to settle violations of the New York Department of Financial Services (DFS) Cybersecurity Regulation for a data breach that occurred in May 2019.